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DETAILED ACTION 
Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 

(e) The invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent or 
(2) a patent granted on an application for patent by another filed in the United States before 
the invention by the applicant for patent, except that an international application filed under 
the treaty defined in section 351(a) shall have the effects for purposes of this subsection of an 
application filed in the United States only if the international application designated the United 
States and was published under Article 21 (2) of such treaty in the English language. 

2. Claims 1-10, 14-16 and 18-28 are rejected under 35 U.S.C. 102(e) as 
being anticipated by US 2003/0061505 A1 to Sperry. 

As to claim 1, Sperry discloses a method, comprising: when a packet is to 
be sent over a secured connection, determining if the secured connection is set 
up; when the secured connection is not set up, storing the packet; and after 
storing the packet, when the secure connection is set up, retrieving the packet 
and transmitting the packet over the secured connection. In one embodiment 
Sperry teaches that a secure network connection is used (FIG 1; page 2, 
paragraph 0024, and page 2, paragraph 0012) and check up the connection 
status whether it is secured or not and then establishes secure connection (page 
8, paragraph 0076 and page 6, paragraph 0061), the packet is stored in the 
"queue" (page 8, paragraph 0076). Packet is transmitted only after the 
establishment of secure connection (page 8, paragraph 0076 and page 6, 
paragraph 0062). 



Application/Control Number: 10/686,086 Page 3 

Art Unit: 2616 

As to claim 2, Sperry discloses wherein the secured connection is an 
Internet protocol security protocol connection. In (page 3, paragraph 0028 and 
page 2, paragraph 0014), Sperry teaches that IPSEC was used as to 
demonstrate the said method and system for security scanning network traffic. 

As to claim 3, Sperry discloses wherein the secured connection is set up 
when a security association associated with the secured connection is set up. In 
(page 3, paragraph 0029), Sperry teaches IKE a type of security association 
(SA) is associated with the secure connection (page 6, paragraph 0061 ). 

As to claim 4, Sperry discloses wherein when the secured connection is 
not set up, setting up the secured connection. In (page 8, paragraph 0076 and 
page 6, paragraph 0061), Sperry teaches that SA is established when no 
connection is found. 

As to claim 5, Sperry discloses wherein setting up the secured connection 
includes negotiating a security association associated with the secure 
connection. A method for negotiating a security association (SA) associated 
with the secure connections is mentioned in (page 6, paragraph 0060, 0061 and 
page 7, paragraph 0063). 

As to claim 6, Sperry discloses wherein negotiation the security 
association includes negotiating the security association using the Internet key 
exchange protocol (IKE). A method for negotiating a security association (SA) 
associated with the secure connections using IKE is mentioned in (page 6, 
paragraph 0060 and 0061). 
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As to claim 7, Sperry discloses wherein a system, comprising: a 
networking subsystem; a security subsystem; a negotiation subsystem; and a 
packet store; wherein when the networking subsystem generates a packet that 
is to be transmitted over a secure connection, the networking subsystem 
determines if the secure connection is setup; when the secure connection is set 
up, the networking subsystem signals the negotiation subsystem to set up the 
secure connection and stores the packet in the packet store; and after storing 
the packet, the security subsystem periodically determines whether the secure 
connection is set up and, when the security subsystem determines that the 
secure connection is set up, the packet is retrieved from the packet store and 
the security subsystem transforms the packet and transmits the packet over the 
secure connection. For response to this claim, please look at claims 1,3,4, and 
5 mentioned above. 

As to claim 8, Sperry discloses wherein the networking subsystem stores 
the packet in a queue. In (page 8, paragraph 0076) Sperry teaches about queue 
up packet. 

As to claim 9, Sperry discloses wherein when the networking subsystem 
determines that storing the packet would violate a constraint related to the 
storage of the packet, the networking subsystem does not store the packet and 
wherein when the networking subsystem determines that storing the packet 
would not violate a constraint related to the storage of the packet, the 
networking subsystem stores the packet. In (page 8, paragraph 0076) Sperry 
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teaches that Master IPSec Engine does check the status and rules for storing 
packets and it also executes the rule of releasing the packets. 

As to claim 10, Sperry discloses wherein the system of claim 9, wherein 
when the networking subsystem determines that storing the packet would 
violate a constraint related to the storage of the packet, the networking 
subsystem does not store the packet and wherein when the networking 
subsystem determines that storing the packet would not violate a constraint 
related to the storage of the packet, the networking subsystem stores the 
packet. For response to this claim, please look at claim 9 mentioned above. 

As to claim 14, Sperry discloses wherein a timer that determines when 
the security subsystem periodically determines whether the secure association 
exists for the Internet protocol security protocol connection. In his invention, 
Sperry teaches that the IPSec security key materials may be refreshed from 
time to time to prevent security compromise. The frequency of refresh depends, 
in part, on the strength of the algorithm, the amount of data that has employed 
the current IPSec security association, and the like (page 7, paragraph 0063). 

As to claim 15, Sperry discloses wherein a system, comprising: a 
networking subsystem; an internet protocol security protocol subsystem; an 
internet key exchange subsystem; and a packet store; wherein when the 
networking subsystem generates a packet that is to be transmitted over an 
internet protocol security protocol connection, the networking subsystem 
determines if a security association associated with the internet protocol security 
protocol connection exists; when the security association does not exist, the 
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networking subsystem signals the internet key exchange subsystem to negotiate 
the security association and stores the packet in the packet store; and after 
storing the packet, the internet protocol security protocol subsystem periodically 
determines whether the security association exists for the internet protocol 
security protocol connection and, when the internet protocol security protocol 
subsystem determines that the security association exists for the internet 
protocol security protocol connection, the packet is retrieved from the packet 
store and the internet protocol security protocol subsystem transforms the 
packet and transmits the packet over the internet protocol security protocol 
connection in accordance with the internet protocol security protocol. For 
response to this claim, please look at claim 1, 2, 6, and 14 mentioned above. 

As to claim 16, Sperry discloses wherein the system of claim 15, wherein 
the Internet protocol security protocol subsystem determines whether the 
security association exists for the Internet protocol security protocol connection 
after successive periodic intervals elapse. For response to this claim, please 
look at claim 14 mentioned above. 

As to claim 18, Sperry discloses wherein programmable-processor 
readable medium on which program instructions are stored, wherein the 
program instructions are operable to cause a programmable processor to: when 
a packet is to be sent over a secured connection, determine if the secured 
connection is set up; when the secured connection is not set up, store the 
packet; and after storing the packet, when the secure connection is set up, 
retrieve the packet and transmitting the packet over the secured connection. In 



Application/Control Number: 10/686,086 Page 
Art Unit: 2616 

(FIG. 3 and page 3, paragraph 0044) Sperry teaches about a programmable 
processor unit. 

As to claim 19, please see similar rejection to claim 1. In addition, Sperry 
discloses a cable modem termination system. In (page 1, paragraph 0007) 
Sperry teaches remote access from remote computer 140 to facilities within 
private network 140 is accomplished via a relatively slow connection, such as a 
dial-up connection at about 56 Kbps, a DSL (digital subscriber line) connection 
at about 1 Mbits/sec or slower, or a cable modem connection at analogous 
speeds. Also note that the programmable processor is shown in (FIG. 3, 
reference character 308). 

As to claim 20, please see similar rejection to claim 1 and claim 19. Also 
note that the programmable processor is shown in (FIG.3, reference character 
308). 

As to claim 21, please see similar rejection to claim 1 and claim 19. In 
addition, the internal backplane interface (that communicates with backplane 
network) is discussed in (page 5, paragraph 0053). 

As to claim 22, please see similar rejection to claim 19. In addition, the 
second network interface (that communicates with external network), is 
discussed in (page 5, paragraph 0053). 

As to claim 23, please see similar rejection to claim 19. In addition, look 
at rejection to claim 21 for black-plane interface. 

As to claim 24, Sperry discloses a network interface module comprising 
external network interface (that communicates with external network), internal 
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backplane interface (that communicates with backplane network) in (page 5, 
paragraph 0053 and FIG. 4, reference character 406 and 408). The 
programmable processor is shown in (FIG.3, reference character 308). In 
addition, please look at rejection to claim 1 for response of a method 
comprising: when a packet is to be sent over a secured connection, determining 
if the secured connection is set up; when the secured connection is not set up, 
storing the packet; and after storing the packet, when the secure connection is 
set up, retrieving the packet and transmitting the packet over the secured 
connection. 

As to claim 25, please see similar rejection to claim 24. In addition, 
Internet security set up negotiation is discussed in rejection to claim 5 and the 
processor is shown in (FIG.3, reference character 308). 

As to claim 26, please see similar rejection to claim 24. In addition, 
Internet key exchange protocol is discussed in rejection to claim 6 and the 
processor is shown in (FIG.3, reference character 308). 

As to claim 27, please see similar rejection to claim 24. In addition, 
Sperry discloses wherein the external network is a wide area network that 
includes the Internet. Sperry teaches that their invention is implemented in a 
wide area network (WAN) that includes Internet (FIG. 1; FIG. 2; page 3, 
paragraph 0028; page 1 , paragraph 0003; page 1 , paragraph 0004). 

As to claim 28, please see similar rejection to claim 24. In addition, 
Sperry discloses wherein the external network is a wide area network that 
includes the Internet. Sperry teaches that their invention is implemented in a 
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wide area network (WAN) that includes Internet (FIG. 1; FIG. 2; page 3,. 
paragraph 0028; page 1, paragraph 0003; page 1, paragraph 0004). 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

4. Claims 11 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
US 2003/0061505 A1 to Sperry in view of U.S. Patent Pub. 2003/0067903 A1 to 
Jorgensen et al. 

As to claim 11, Sperry discloses the limitations in the parent claim. Sperry 
does not expressly disclose the maximum packet storage time. Jorgensen 
discloses that excessive queuing can have detrimental effects on traffic by 
delaying time sensitive packets beyond their useful time frames and therefore, it 
is desired that queuing be used intelligently and sparingly, without introducing 
undue delay in delay-sensitive traffic such as real-time sessions (page 8, 
paragraph 0121). Sperry and Jorgensen are analogous art because they are 
from same type of art and they deal with same type of problem - appropriate 
time for storing data without hampering the flow of the network. At the time of 
invention, it would have been obvious to a person of ordinary skilled in the art to 
make the above modification. The suggestion/motivation would have been to 
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queue the data for sufficient time without introducing undue delay in delay- 
sensitive traffic such as real-time sessions (page 8, paragraph 0121). Therefore, 
it would have been obvious to combine Sperry with Jorgensen to the time limit of 
system memory to store the packet. 

5. Claims 12 and 13 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over US 2003/0061505 Alto Sperry in view of U.S. Patent Pub. 
2003/0023846 A1 to Krishna et al. 

As to claim 12, Sperry discloses the limitations in the parent claim. Sperry 
does not expressly disclose the maximum packet storage limit that specifies the 
maximum number of packets to be stored. Krishna discloses that fixed-sized 
packet cells may be stored in payload or packet buffers and fetched in 
appropriate time by packet classifier (page 4, paragraph .0049). Sperry and 
Krishna are analogous art because they are from same type of art and they deal 
with same type of problem - a fixed size for data packet and packet buffer. At the 
time of invention, it would have been obvious to a person of ordinary skilled in the 
art to make the above modification. The suggestion/motivation would have been 
to stop data overflow. Therefore, it would have been obvious to combine Sperry 
with Krishna to the maximum packet storage limit that specifies the maximum 
number of packets to be stored. 

As to claim 13, Sperry discloses the limitations in the parent claim. Sperry 
does not expressly disclose the maximum limit of system memory to store the 
packet. Krishna discloses that fixed-sized packet cells may be stored in payload 
or packet buffers and fetched in appropriate time by packet classifier (page 4, 
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paragraph 0049 and page 2, paragraph 0023). Sperry and Krishna are 
analogous art because they are from same type of art and they deal with same 
type of problem - a fixed size for data packet and packet buffer. At the time of 
invention, it would have been obvious to a person of ordinary skilled in the art to 
make the above modification. The suggestion/motivation would have been to 
stop data overflow. Therefore, it would have been obvious to combine Sperry 
with Krishna to the maximum limit of system memory to store the packet. 
6. Claims 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
US 2003/0061505 A1 to Sperry in view of U.S. Patent Pub. 2002/0083344 A1 to 
Vairavan. 

As to claim 17, Sperry discloses the limitations in the parent claim. 
Sperry does not expressly disclose that the system of claim 16, wherein each 
periodic interval is 500 milliseconds. Vairavan discloses that every time new 
packet is found, the connection is checked (page 10, paragraph 0135). Sperry 
and Vairavan are analogous art because they are from same type of art and they 
deal with same type of problem - checking existence of connection at periodic 
interval. At the time of invention, it would have been obvious to a person of 
ordinary skilled in the art to make the above modification. The 
suggestion/motivation would have been to check existing connection at regular 
interval (page 10, paragraph 0135). Therefore, it would have been obvious to 
combine Sperry with Vairavan to check whether there is a connection available at 
regular interval. 



Application/Control Number: 10/686,086 
Art Unit: 2616 



Page 



Conclusion 



Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Chowdhury M. Shahriar whose telephone 
number is 571-270-3318. The examiner can normally be reached on Mon-Fri 8 
AM-4 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Derrick Ferris can be reached on 571-272-3123. The fax 
phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 



Chowdhury M. Shahriar 
Patent Examiner 
Art unit 2616 





